Skip to content

Instantly share code, notes, and snippets.

@matbos

matbos/first.yaml

Created May 7, 2020
Embed
What would you like to do?
CloudFormation template with VPC, public and private subnets, prepared for deployment of a database and an API. Article with explanation available here: http://rozchmurzeni.pl/vpc---prywatne-podsieci
AWSTemplateFormatVersion: 2010-09-09
Description: >-
VPC with private subnet prepared for deployment of DB and API.
Full article with explanation available here: http://rozchmurzeni.pl/vpc---prywatne-podsieci
Resources:
Vpc:
Type: AWS::EC2::VPC
Properties:
CidrBlock: 10.0.0.0/16
EnableDnsHostnames: true
InternetGateway:
Type: AWS::EC2::InternetGateway
InternetGatewayAttachment:
Type: AWS::EC2::VPCGatewayAttachment
Properties:
InternetGatewayId: !Ref InternetGateway
VpcId: !Ref Vpc
# Publiczny subnet
PublicRouteTable:
Type: AWS::EC2::RouteTable
Properties:
VpcId: !Ref Vpc
InternetRoute:
Type: AWS::EC2::Route
Properties:
DestinationCidrBlock: 0.0.0.0/0
RouteTableId: !Ref PublicRouteTable
GatewayId: !Ref InternetGateway
PublicSubnet:
Type: AWS::EC2::Subnet
Properties:
AvailabilityZone: eu-west-1a
CidrBlock: 10.0.1.0/24
MapPublicIpOnLaunch: true
VpcId: !Ref Vpc
PublicSubnetTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId: !Ref PublicRouteTable
SubnetId: !Ref PublicSubnet
# Prywatny subnet
PrivateRouteTable:
Type: AWS::EC2::RouteTable
Properties:
VpcId: !Ref Vpc
PrivateSubnet:
Type: AWS::EC2::Subnet
Properties:
AvailabilityZone: eu-west-1c
CidrBlock: 10.0.3.0/24
VpcId: !Ref Vpc
PrivateSubnetTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId: !Ref PrivateRouteTable
SubnetId: !Ref PrivateSubnet
# Security grupy
ApiSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Api security group
GroupName: api-security-group
SecurityGroupIngress:
- Description: Open https traffic
CidrIp: 0.0.0.0/0
IpProtocol: TCP
FromPort: 443
ToPort: 443
VpcId: !Ref Vpc
DatabaseSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Database secruity group
GroupName: db-security-group
SecurityGroupIngress:
- Description: Allow traffic from api
IpProtocol: TCP
FromPort: 3306
ToPort: 3306
SourceSecurityGroupId: !Ref ApiSecurityGroup
VpcId: !Ref Vpc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.